Accepted gnutls13 1.4.0-3ubuntu1 (source)
Martin Pitt
martin.pitt at ubuntu.com
Mon Sep 18 13:35:09 BST 2006
Accepted:
OK: gnutls13_1.4.0-3ubuntu1.dsc
-> Component: main Section: devel
OK: gnutls13_1.4.0-3ubuntu1.diff.gz
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Mon, 18 Sep 2006 14:22:47 +0200
Source: gnutls13
Binary: libgnutls-dev libgnutls13 gnutls-bin gnutls-doc libgnutls13-dbg
Architecture: source
Version: 1.4.0-3ubuntu1
Distribution: edgy
Urgency: low
Maintainer: Debian GnuTLS Maintainers <pkg-gnutls-maint at lists.alioth.debian.org>
Changed-By: Martin Pitt <martin.pitt at ubuntu.com>
Description:
gnutls-bin - the GNU TLS library - commandline utilities
gnutls-doc - the GNU TLS library - documentation and examples
libgnutls-dev - the GNU TLS library - development files
libgnutls13 - the GNU TLS library - runtime library
libgnutls13-dbg - GNU TLS library - debugger symbols
Changes:
gnutls13 (1.4.0-3ubuntu1) edgy; urgency=low
.
* SECURITY UPDATE: Signature forgery.
* Add debian/patches/00CVS_CVE-2006-4790.patch:
- Check excessive data in padding of PKCS #1 v1.5 signatures to prevent
applications from incorrectly verifying the certificate. (Similar to
recent OpenSSL update.)
- Patch taken from upstream CVS:
http://lists.gnupg.org/pipermail/gnutls-dev/2006-September/001212.html
- CVE-2006-4790
Files:
06b7e103a05f77e09ad7d414cf43d96c 989 devel optional gnutls13_1.4.0-3ubuntu1.dsc
1422da540d753bff6ab0eb71355edf2d 11710 devel optional gnutls13_1.4.0-3ubuntu1.diff.gz
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)
iD8DBQFFDpBFDecnbV4Fd/IRAoUvAJ9GpThdcw3araT76qFeOJudGmgx6QCg9zm0
hnOG9vEUHWx79s82KS5tP5g=
=+V+0
-----END PGP SIGNATURE-----
application finalize called
More information about the edgy-changes
mailing list